add-restriction macro

Owned by Robert Alexander Marshall
Last updated: May 08, 2024
3 min read
1 Overview | 2 Where to use it? | 3 Parameters | 4 Example | 5 All examples

Overview

The add-restriction macro is used to add view or edit content-level permissions.

When using the add-restriction macro the specified Confluence permissions are restricted to the users listed.

Restrictions don't give users permission for a page or blog post - they limit the permissions to the named users.

For example, if everyone has edit/view permissions for the space and you add edit restrictions to a page - for user A and user B - only user A and user B can edit the page. Everyone else is only able to view the page.

Where to use it?

Optional.

One or more add-restriction macros can be put in a trigger macro.

If you want to remove these restrictions you can use the remove-restriction macro.

You can remove/add or add/remove restrictions using these macros in any order.

If you want to add restrictions immediately after removing restrictions of the same type, you can use the set-restrictions macro instead.†

Parameters

Parameter

Required

Default

Notes

Parameter

Required

Default

Notes

type



What type of permission to set?

  • view – assign the user/group view permission

  • edit – assign the user/group edit permission

Note: The permissions are set using Confluence's content-level permissions system and can thus be altered via the padlock icon.

user



One or more users to assign type permission to:

group



One or more user groups to assign type permission to:

At least one user or group must be specified. Both can also be used at the same time.

† In some cases, due to Confluence permission threads, rather than using remove-restriction macro then add-restriction, it may be useful to use set-restrictions macro. This macro clears any existing restriction of the type being set (view or edit) before setting that permission for the listed users or groups.

From v6.16.14+, when adding the add-restrictions macro to a trigger, any an invalid user/group (disabled/deleted user) will be ignored and restrictions will be set for the defined valid users.

Example

The following examples restrict view permission to

  • the user who created the page

  • users who are members of the Confluence user group moderators

Adding a view restriction on creating a new page:

{workflow:Restrictions} {state:Test} {state} {trigger:pagecreated} {add-restriction:type=view|user=@user@|group=moderators} {trigger} {workflow}

Adding a view restriction on creating a new blog post:

{workflow:Restrictions} {state:Test} {state} {trigger:newscreated} {add-restriction:type=view|user=@user@|group=moderators} {trigger} {workflow}

Adding a view restriction on creating a new blog post or a new page requires both the above triggers in the applied workflow:

{workflow:Restrictions} {state:Test} {state} {trigger:newscreated} {add-restriction:type=view|user=@user@|group=moderators} {trigger} {trigger:pagecreated} {add-restriction:type=view|user=@user@|group=moderators} {trigger} {workflow}

The restrictions can then be removed, for example, on approving the content

All examples

See also

External Links:

Workflow Authoring Guide: